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3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 
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4a) Of the above claim(s) is/are withdrawn from consideration. 

Claim(s) is/are allowed. 

6) |EI Claim(s) 1-16 is/are rejected. 

7) ^ Claim(s) 17 is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 
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DETAILED ACTION 

1. Claims 1-17, have been examined, and are pending 

Continued Examination Under 37 CFR 1.114 

A request for continued examination under 37 CFR 1.114, including the fee set 
forth in 37 CFR 1 .1 7(e), was filed in this application after final rejection. Since this 
application is eligible for continued examination under 37 CFR 1.114, and the fee set 
forth in 37 CFR 1 .17(e) has been timely paid, the finality of the previous Office action 
has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 
04/23/2009 has been entered. 



Response to Arguments 

Applicant's arguments have been considered but are moot in view of the new ground(s) 
of rejection 

Claim Rejections - 35 USC § 101 

4. 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or 
composition of matter, or any new and useful improvement thereof, may obtain a patent 
therefor, subject to the conditions and requirements of this title. 

Claim 1 5 is rejected under 35 U.S.C. 101 because the claimed invention is directed to non- 
statutory subject matter. Claim 1 5 references a computer program that is not embedded within 
a computer readable medium or other statutory matter. 



Claim Rejections - 35 USC § 103 
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4. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed 
or described as set forth in section 102 of this title, if the differences between the 
subject matter sought to be patented and the prior art are such that the subject 
matter as a whole would have been obvious at the time the invention was made 
to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was 
made. 

5. The factual inquiries set forth in Graham v. John Deere Co,, 383 U.S. 1 , 148 
USPQ 459 (1968), that are applied for establishing a background for determining 
obviousness under 35 U.S.C. 103(a) are summarized as follows: 

1 , Determining the scope and contents of the prior art, 

2. Ascertaining the differences between the prior art and the claims 
at issue. 

3. Resolving the level of ordinary skill in the pertinent art. 

4, Considering objective evidence present in the application 
indicating obviousness or nonobviousness. 



8. claims 1, 2, 3,4,6,7,9,10,11,12,14,15, and 16 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over applicant admitted prior art 'AAPA' (fig.1 ), in view of Ventura to 
(US2003/01 10273) , and further in view of Furukawa to (US20060038788), 



Regarding claims 1, 9, 14, 15, and 16, 'AAPA' (fig.1) teaches a computer network 
system comprising: a plurality of client hardware elements forming a computer network (fig. I 
cloud . 1 1 4); a server network segment comprising a plurality of service (fi g. 1 . cloud 1. 12); and a 
router for interconnecting the computer network with the server network segment (fig. 1 
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box. .1 1 6); the computer network being assigned at least one first access address range (fig. 1 , IP- 
range 10.x. >,..*<), 

the server network segment being assigned , the at least one third access address range 
(fig.L IP-range 10.10.10.x) is a shared address range representing at least a sub-range of the at 
least one first access address range(fig. 1 , IP-range 10.10.10.x, in the server segment and the IP- 
range 10.x.x.x on the computer network segment are shared range ), each of the plurality of 
services being assigned one access address within the shared address range (IP-range 10.10.10.x, 
in the server segment, each service have separate port number). 

T hough, 'AAPA' teaches a router with access list, it does not specifically teach where the 
router routes packets within the shared access address range and blocks packets from the 
exclusive address range. Furthermore , 'AAPA' also does not specifically teach the server 
network segment being assigned at least one second access address range, wherein the at least 
one second access address range is an exclusive address range separate from the at least one first 
access address range, 

However', in an analogous arts Ventura teaches a server network segment assigned at 
least one second access address range, wherein the at least one second access address range is 
an e <cl isb idrcss t [00 1 1 ] discloses private IP) separate from the at least one first 
access address range { [00.1 1] discloses a server communication with private IP and public IP. 
Where the private IP is used to access exclusive documents that are not accessible by outside 
parties) 
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Therefore it would have been obvious to one of ordinary skill in the art at the time the 
invention was made to modify the system of the AAPA' by assigning at least one second 
tcecss adds nge on the % - - 1 t c nt « h n the at 1 t one sc< nci ecs,- idvo 
range is an exclusive address range separate from the at least one first access address range, as 
suggested by Ventura. This modification would benefit the system of 'AAPA" to improve 
security. 

Furukawa teaches a packet filter employed in an access control apparatus where packets 
are routed within the shared access address range (i.e. non-private address communication 
range) and blocked from the exclusive address range (i.e. private address communication 
range) ([0012]-[0013] discloses packet filleting that blocks communication with private address 
communication range and allow communication with non-private address communication 
range) 

Therefore it would have been obvious to one of ordinary skill in the art at the time the 
invention was made to modify the system of the 'AAPA" by Including a filtering system to 
allow packets from the shared access range and to block packets from the exclusive access 
address range, as suggested A 1 uru! awa. Thk modification would benefit the system b\ 
providing additional security since the private addresses arc not known to the external 
environment (see I ami ana, A--i--,i- t) 

Regarding claims 2, and 10, 'AAPA' (fig. 1) teaches a computer network system according to 
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claim 1 , and 9 wherein the access address ranges are Internet Protocol address ranges ( tig. I 
shoves an IP-range). 

Regarding claims 3, and 11, ''AAPA' (fig. I) teaches a computer network system according to 
claim 1, and 9 wherein the server network segment is a LAN server (fjg.1 shows a LAN server). 

Regarding claims 4, and 12, 'AAPA'' (fig.l) teaches a computer network system according to 
claim 1, and 9 wherein the computer network, is a Local. Area. Network LAN or a Wide Area 
Network WAN (fig.l a Local Area computer Network). 

Regarding claim 6, 'AAPA' discloses a router for interconnecting a server network segment 

comprising a plurality of services with a computer network (fig. 1, box. 1 16) 

the computer network being assigned at least one first access address range (fig. l JP-range 

IO.x.x.x), 

the server network segment being assigned , the at least one third access address range 
(fig. 1 , IP-range 10, 1 0. 1 O.xYis a shared address range representing at least a sub-range of the at 
least one first access address range(fig.I, IP-range 10.10.10.x, in die server segment and die IP- 
range IO.x.x.x on the computer network segment are shared range ), each of die plurality of 
services b s ot ces add? s wiuil he sh \ {address at (IP 0 ! > x, 

n the 1 s , ,% each s vice have separate port m aber) 
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Though, 'AAPA' teaches a router with access list, it does not specifically teach where the 
router routes packet* within the shared access address range and blocks packets from the 
exclusive address range, furthermore , 'AAPA' also does not specifically teach the server 
n< H\ ( a k -<>r i be , *•> gred at least one second access address range, wherein the at least 
one second access address range is an exclusive address range separate from the at least one first 
access address range. 

However, in an analogous art, Ventura teaches a server network segment assigned at least 
one second access address range, wherein the at least one second access address range is an 
exclusive address range ([001 1] discloses private IP) separate from the at least one first access 
address range ( [001 1] discloses a server communication with private IP and public IP. Where 
the private IP is used to access exclusive documents that are not accessible by outside parties) 

Therefore it would have been obvious to one of ordinary skill in the art at the time the 
invention was made to modify the system of the 'AAPA* by assigning at least one second 
access address .arge oi ^ - s ^ 

range is an exclusive address range separate from the at leas; one first access address range, as 
suggested by Ventura. This modification would benefit the system of 'AAPA'' to improve 
security. 

Furukawa teaches a packet filter employed in an access control apparatus where packets 
are routed within the shared access address range (i.e. non-private address communication 
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range) ([0012]-[0013] discloses packet filleting that blocks communication with private address 
communication range and allow communication with non-private address communication 
range) 

Therefore it would have been obvious to one of ordinary skill in the art at the time the 
invention was made to modify the system of the 'AAPA' by Including a filtering system to 
allow packets from the shared access range and to block packets from the exclusive access 
address range, as suggested by Furukawa. This modification would benefit the system by 
providing additional security since the private addresses are not known to the external 
environment (see Furukawa, abstract). 

Regarding claim 7, 'AAPA' teaches a router according to claim 6, the access address ranges 
arc Internet Protocol address ranges (fig.l shows an IP-range). 

7. Claims 5, 8 and 13 are rejected under 35 U.S.C. 103(a) as being unpatentable over 'AAPA', 
Ventura and Furukawa as applied to claims 1 and 9 above, in further in view of Lakshman et 
al. to (US5951651). 

Regarding claim 5, the combination of AAPA, Ventura , and Furukawa sil ent on, a computer 
network system according to claim. 1, wherein the router comprises a filter set up to block 
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addresses from the second access address range and to let pass addresses from the third access 
address range. 

However, in an analogous art, Lakshman teaches wherein, the router comprises a filter set 
up to block addresses from the second access address range and to let pass addresses from the 
third access address range (fig.2, fig.3,col.3 ins.58-64,and col.4 Ins. 12-21, disclose a router and 
filtering rules that can he applied in the router to block or pass packets). 

Therefore it would have been obvious to one of ordinary skill in the art at the time the 
invention was made to modify the system of 'AAPA' by including filter in the router to block 
addresses from the second access address range and to let pass addresses from the third access 
address range as suggested by Lakshman. This modification would benefit the system by 
providing a fast destination or source address check up to facilitate a speedy communication. 

Regarding claim 8, the combination of AAPA, Ventura , and Furukawa silent on a router 
according to claim 6, tire router comprising a filter which is set up to block addresses from, the 
second access address range and to let pass addresses from the third access address range. 

However, in an analogous art, Lakshman teaches wherein the router comprises a filter set 
up to block addresses from the second access address range and to let pass addresses from the 
third access address range(fig.2, fig.3,col.3 lns.58-64,and col.4 Ins. 12-21, disclose a router and 
filtering rules that can be applied in the router to block or pass packets). 
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Therefore it would have been obvious to one of ordinary skill in the art at the time the 
invention was made to modify the system of 'AAPA' by including filter in the router to block 
addresses from the second access address range and to let pass addresses from the third access 
address range as suggested by, Lakshman, for the same reasoning the examiner supplied in 
claim 5 above. 

Regarding claim 1.3, the combination of AAPA, Ventura , and Furukawa silent on a method 
according to claim 1 1 , further comprising the step of setting up a filter in the router in such a 
manner that the filter blocks addresses from the second access address range(s) and passes 
addresses from the third access address range(s). 

However, in an analogous art, Lakshman teaches wherein the router comprises a filter set 
up to block addresses from the second access address range and to let pass addresses from the 
third access address range(fig,2, fig.3,col.3 lns.58-64,and col.4 Ins. 12-21, disclose a router and 
■filtering rides that can be applied in the router to block or pass packets). 

Therefore it would have been obvious to one of ordinary skill in the art at the time the 
invention was made to modify the system of 'AAPA' by including filter in the router to block 
addresses from the second access address range and to let pass addresses from the third access 
address range as suggested by Lakshman, for the same reasoning the examiner supplied in claim 
5 above. 

Allowable Subject Matter 
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Claiml7 is objected to as being dependent upon a rejected base claim, but would be 
allowable if rewritten in independent form including all of the limitations of the base claim and 
any intervening claims. 

Conclusion 

The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. (See PTO-892). 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to ZEWDU BEYEN whose telephone number is (571)270-7157. 
The examiner can normally be reached on Monday thru Friday, 9:30 AM to 6:00 PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Huy Vu can be reached on 1-571-272-3155. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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Supervisory Patent Examiner, Art Unit 2416 



